Accountable Primelife Policy Engine
What the tool offers
In the cloud, mechanisms to automatically enforce organizational and data governance policies are fundamental for compliance management. Using the A4Cloud policy enforcement tool, called Accountable Primelife Policy Engine (A-PPLE), cloud providers can offer more transparency about the data handling, and help to prevent privacy breaches. An independent party, providing assurance about the data handling, can audit the deployment and configuration of the tool. Then, policy enforcement will happen in a predictable manner, satisfying the data controller needs and obligations, as determined by the data controller, giving transparency to the (cloud) data subject – since policies have clear semantics. The enforcement engine works in cooperation with further A4Cloud tools to reinforce the assurance about the correct policy execution.
The tool innovation
A-PPLE is based on previous standards for access control, i.e. XACML, which was extended with usage control and accountability features. It automatically enforces obligations based on time-based triggers, or a series of other events. It is easily auditable, producing traces to the data controller (or yet to the Data Protection Authority), but also towards the data subject.
A-PPLE will drastically reduce the risk of non-compliance and improve consumer trust in the services using it. A-PPLE is a powerful accountability mechanism guaranteeing that if the data controller uses it as a gateway to personal data, there is adequacy between data collection and purpose of the processing.